* 2fa support to ibexa 4.0 (#88)

* 2Fa support for ibexa 4.0
---------

Co-authored-by: mbouchaala <bouchaalamehrez@gmail.com>
Co-authored-by: Ousmane KANTE <ousmane.kante@almaviacx.com>
Co-authored-by: Florian ALEXANDRE <f.alexandre@novactive.com>

Author: 4 people

components/2FABundle/README.md

@@ -57,11 +57,11 @@ security:
     ...
     firewalls:
         ...
-        ezpublish_front:
+        ibexa_front:
             pattern: ^/
             user_checker: eZ\Publish\Core\MVC\Symfony\Security\UserChecker
             anonymous: ~
-            ezpublish_rest_session: ~
+            ibexa_rest_session: ~
             form_login:
                 require_previous_session: false
                 csrf_token_generator: security.csrf.token_manager
@@ -104,15 +104,15 @@ scheb_two_factor:
         issuer: EzIssuer                            # Issuer name used in QR code
         digits: 6                                   # Number of digits in authentication code
         window: 1                                   # How many codes before/after the current one would be accepted as valid
-        template: "@ezdesign/2fa/auth.html.twig"    # Template for the 2FA login page
+        template: "@ibexadesign/2fa/auth.html.twig"    # Template for the 2FA login page
 
     # TOTP Authenticator config
     totp:
         enabled: true                               # If TOTP authentication should be enabled, default false
         server_name: Server Name                    # Server name used in QR code
         issuer: TOTP Issuer                         # Issuer name used in QR code
         window: 1                                   # How many codes before/after the current one would be accepted as valid
-        template: "@ezdesign/2fa/auth.html.twig"    # Template used to render the authentication form
+        template: "@ibexadesign/2fa/auth.html.twig"    # Template used to render the authentication form
 
     # Trusted device feature
     trusted_device:
@@ -133,7 +133,7 @@ scheb_two_factor:
         sender_email: me@example.com             # Sender email address
         sender_name: John Doe                    # Sender name
         digits: 6                                # Number of digits in authentication code
-        template: "@ezdesign/2fa/auth.html.twig" # Template used to render the authentication form
+        template: "@ibexadesign/2fa/auth.html.twig" # Template used to render the authentication form
 
     # The security token classes, which trigger two-factor authentication.
     # By default the bundle only reacts to Symfony's username+password authentication. If you want to enable
@@ -211,4 +211,4 @@ php ezplatform/bin/console nova:2fa:remove-secret-key user_login
 
 ```
 
-> **Note to keep in mind**: If you have the 2FA already set up for the user and you're going to reset it by following the corresponding link on the 2FA Setup page don't change the method for the current Siteaccess before that! Because in this case the secret key will be supposed to be removed for the new method not for the old one and hence the reset won't work!
+> **Note to keep in mind**: If you have the 2FA already set up for the user and you're going to reset it by following the corresponding link on the 2FA Setup page don't change the method for the current Siteaccess before that! Because in this case the secret key will be supposed to be removed for the new method not for the old one and hence the reset won't work!

components/2FABundle/bundle/Command/Remove2FAForUserCommand.php

@@ -12,7 +12,7 @@
 
 namespace Novactive\Bundle\eZ2FABundle\Command;
 
-use eZ\Publish\Core\MVC\Symfony\Security\User;
+use Ibexa\Core\MVC\Symfony\Security\User;
 use Novactive\Bundle\eZ2FABundle\Core\UserRepository;
 use Symfony\Component\Console\Command\Command;
 use Symfony\Component\Console\Input\InputArgument;

components/2FABundle/bundle/Controller/TwoFactorAuthController.php

@@ -12,10 +12,11 @@
 
 namespace Novactive\Bundle\eZ2FABundle\Controller;
 
-use eZ\Publish\API\Repository\PermissionResolver;
-use eZ\Publish\API\Repository\UserService;
-use eZ\Publish\Core\MVC\Symfony\Security\User;
-use EzSystems\EzPlatformAdminUiBundle\Controller\Controller;
+use Ibexa\Contracts\AdminUi\Controller\Controller;
+use Ibexa\Contracts\Core\Repository\PermissionResolver;
+use Ibexa\Contracts\Core\Repository\UserService;
+use Ibexa\Core\MVC\Symfony\Routing\Generator\UrlAliasGenerator;
+use Ibexa\Core\MVC\Symfony\Security\User;
 use Novactive\Bundle\eZ2FABundle\Core\QRCodeGenerator;
 use Novactive\Bundle\eZ2FABundle\Core\SiteAccessAwareAuthenticatorResolver;
 use Novactive\Bundle\eZ2FABundle\Form\Type\TwoFactorAuthType;
@@ -49,7 +50,7 @@ public function setupAction(
 
         if ($saAuthenticatorResolver->checkIfUserSecretOrEmailExists($user)) {
             return $this->render(
-                '@ezdesign/2fa/setup.html.twig',
+                '@ibexadesign/2fa/setup.html.twig',
                 [
                     'reset' => true,
                     'method' => $saAuthenticatorResolver->getMethod(),
@@ -78,7 +79,7 @@ public function setupAction(
 
         if (!isset($methodForm) && null === $saAuthenticatorResolver->getMethod()) {
             return $this->render(
-                '@ezdesign/2fa/setup.html.twig',
+                '@ibexadesign/2fa/setup.html.twig',
                 [
                     'form' => null,
                     'forced' => $saAuthenticatorResolver->isForceSetup(),
@@ -96,7 +97,7 @@ public function setupAction(
             !($methodForm->isSubmitted() && $methodForm->isValid())
         ) {
             return $this->render(
-                '@ezdesign/2fa/setup.html.twig',
+                '@ibexadesign/2fa/setup.html.twig',
                 [
                     'form' => $methodForm->createView(),
                     'forced' => $saAuthenticatorResolver->isForceSetup(),
@@ -109,7 +110,7 @@ public function setupAction(
             $saAuthenticatorResolver->setEmailAuthentication($user);
 
             return $this->render(
-                '@ezdesign/2fa/setup.html.twig',
+                '@ibexadesign/2fa/setup.html.twig',
                 [
                     'success' => true,
                     'method' => 'email',
@@ -124,7 +125,7 @@ public function setupAction(
             $result = $saAuthenticatorResolver->validateCodeAndUpdateUser($user, $qrCodeForm->getData());
             if ($result['valid']) {
                 return $this->render(
-                    '@ezdesign/2fa/setup.html.twig',
+                    '@ibexadesign/2fa/setup.html.twig',
                     [
                         'success' => true,
                         'method' => $saAuthenticatorResolver->getMethod(),
@@ -145,7 +146,7 @@ public function setupAction(
         }
 
         return $this->render(
-            '@ezdesign/2fa/setup.html.twig',
+            '@ibexadesign/2fa/setup.html.twig',
             [
                 'qrCode' => $QRCodeGenerator->createFromUser($user),
                 'form' => $qrCodeForm->createView(),
@@ -180,7 +181,10 @@ public function resetAction(
 
         if (isset($contentId, $locationId)) {
             return new RedirectResponse(
-                $router->generate('_ez_content_view', ['contentId' => $contentId, 'locationId' => $locationId]).
+                $router->generate(
+                    UrlAliasGenerator::INTERNAL_CONTENT_VIEW_ROUTE,
+                    ['contentId' => $contentId, 'locationId' => $locationId]
+                ).
                 '#ez-tab-location-view-reset-for-user#tab'
             );
         }

components/2FABundle/bundle/Core/BackupCodeManager.php

@@ -14,7 +14,7 @@
 
 namespace Novactive\Bundle\eZ2FABundle\Core;
 
-use eZ\Publish\Core\MVC\Symfony\Security\User;
+use Ibexa\Core\MVC\Symfony\Security\User;
 use Novactive\Bundle\eZ2FABundle\Entity\BackupCodeInterface;
 use Scheb\TwoFactorBundle\Security\TwoFactor\Backup\BackupCodeManagerInterface;
 

components/2FABundle/bundle/Core/SiteAccessAwareAuthenticatorResolver.php

@@ -14,10 +14,10 @@
 
 namespace Novactive\Bundle\eZ2FABundle\Core;
 
-use eZ\Publish\Core\MVC\ConfigResolverInterface;
-use eZ\Publish\Core\MVC\Symfony\Security\User;
-use eZ\Publish\Core\MVC\Symfony\SiteAccess;
-use eZ\Publish\Core\MVC\Symfony\SiteAccess\SiteAccessAware;
+use Ibexa\Contracts\Core\SiteAccess\ConfigResolverInterface;
+use Ibexa\Core\MVC\Symfony\Security\User;
+use Ibexa\Core\MVC\Symfony\SiteAccess;
+use Ibexa\Core\MVC\Symfony\SiteAccess\SiteAccessAware;
 use Novactive\Bundle\eZ2FABundle\DependencyInjection\Configuration;
 use Novactive\Bundle\eZ2FABundle\Entity\AuthenticatorInterface;
 use Novactive\Bundle\eZ2FABundle\Entity\BackupCodeInterface;
@@ -28,7 +28,7 @@
 use Scheb\TwoFactorBundle\Security\TwoFactor\Provider\Google\GoogleAuthenticator;
 use Scheb\TwoFactorBundle\Security\TwoFactor\Provider\Totp\TotpAuthenticator;
 
-final class SiteAccessAwareAuthenticatorResolver implements SiteAccessAware
+class SiteAccessAwareAuthenticatorResolver implements SiteAccessAware
 {
     /**
      * @var SiteAccess|null

components/2FABundle/bundle/Core/SiteAccessAwareQueryExecutor.php

@@ -16,7 +16,7 @@
 
 use Doctrine\DBAL\Connection;
 use Doctrine\Persistence\ManagerRegistry as Registry;
-use eZ\Bundle\EzPublishCoreBundle\ApiLoader\RepositoryConfigurationProvider;
+use Ibexa\Bundle\Core\ApiLoader\RepositoryConfigurationProvider;
 
 final class SiteAccessAwareQueryExecutor
 {

components/2FABundle/bundle/Core/Tab/TwoFAManagement.php

@@ -14,14 +14,14 @@
 
 namespace Novactive\Bundle\eZ2FABundle\Core\Tab;
 
-use eZ\Publish\API\Repository\PermissionResolver;
-use eZ\Publish\API\Repository\UserService;
-use eZ\Publish\API\Repository\Values\Content\Content;
-use eZ\Publish\Core\MVC\Symfony\Security\User;
-use eZ\Publish\Core\Repository\Values\ContentType\ContentType;
-use EzSystems\EzPlatformAdminUi\Tab\AbstractTab;
-use EzSystems\EzPlatformAdminUi\Tab\ConditionalTabInterface;
-use EzSystems\EzPlatformAdminUi\Tab\OrderedTabInterface;
+use Ibexa\Contracts\AdminUi\Tab\AbstractTab;
+use Ibexa\Contracts\AdminUi\Tab\ConditionalTabInterface;
+use Ibexa\Contracts\AdminUi\Tab\OrderedTabInterface;
+use Ibexa\Contracts\Core\Repository\PermissionResolver;
+use Ibexa\Contracts\Core\Repository\UserService;
+use Ibexa\Contracts\Core\Repository\Values\Content\Content;
+use Ibexa\Core\MVC\Symfony\Security\User;
+use Ibexa\Core\Repository\Values\ContentType\ContentType;
 use Novactive\Bundle\eZ2FABundle\Core\SiteAccessAwareAuthenticatorResolver;
 use Symfony\Contracts\Translation\TranslatorInterface;
 use Twig\Environment;
@@ -89,7 +89,7 @@ public function renderView(array $parameters): string
         $user = new User($this->userService->loadUser($content->id));
 
         return $this->twig->render(
-            '@ezdesign/2fa/tabs/reset_for_user.html.twig',
+            '@ibexadesign/2fa/tabs/reset_for_user.html.twig',
             [
                 'user' => $user,
                 'isSetup' => $this->saAuthenticatorResolver->checkIfUserSecretOrEmailExists($user),

components/2FABundle/bundle/DependencyInjection/Configuration.php

@@ -14,7 +14,7 @@
 
 namespace Novactive\Bundle\eZ2FABundle\DependencyInjection;
 
-use eZ\Bundle\EzPublishCoreBundle\DependencyInjection\Configuration\SiteAccessAware\Configuration as SAConfiguration;
+use Ibexa\Bundle\Core\DependencyInjection\Configuration\SiteAccessAware\Configuration as SAConfiguration;
 use Scheb\TwoFactorBundle\Model\Totp\TotpConfiguration;
 use Symfony\Component\Config\Definition\Builder\TreeBuilder;
 

components/2FABundle/bundle/DependencyInjection/NovaeZ2FAExtension.php

@@ -14,7 +14,7 @@
 
 namespace Novactive\Bundle\eZ2FABundle\DependencyInjection;
 
-use eZ\Bundle\EzPublishCoreBundle\DependencyInjection\Configuration\SiteAccessAware\ConfigurationProcessor;
+use Ibexa\Bundle\Core\DependencyInjection\Configuration\SiteAccessAware\ConfigurationProcessor;
 use Symfony\Component\Config\FileLocator;
 use Symfony\Component\DependencyInjection\ContainerBuilder;
 use Symfony\Component\DependencyInjection\Loader;

components/2FABundle/bundle/DependencyInjection/Security/PolicyProvider.php

@@ -14,7 +14,7 @@
 
 namespace Novactive\Bundle\eZ2FABundle\DependencyInjection\Security;
 
-use eZ\Bundle\EzPublishCoreBundle\DependencyInjection\Security\PolicyProvider\YamlPolicyProvider;
+use Ibexa\Bundle\Core\DependencyInjection\Security\PolicyProvider\YamlPolicyProvider;
 
 class PolicyProvider extends YamlPolicyProvider
 {